package com.sykj.bsc.rwl.filter;


import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;
/**
 * 
 * @ClassName:  MyFormAuthentication   
 *@Description: 内置登录 
 * @author 任文龙
 ** @date:   2018年8月10日 下午5:14:34
 */
public class MyFormAuthentication  extends FormAuthenticationFilter{
	

	//判断验证码
	protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
		HttpServletRequest req=(HttpServletRequest) request;
		String code=req.getParameter("code");
		HttpSession session=req.getSession();
		String data=(String) session.getAttribute("data1");
		if(code!=null&&data!=null) {
			if(!code.equals(data)) {
				req.setAttribute("shiroLoginFailure", "verificationCodeError");
				return true;
			}
		}
		return super.onAccessDenied(request, response);
	}

	/*//登录成功跳转的页面
	protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request,
			ServletResponse response) throws Exception {
		//清空当前request的地址
				WebUtils.getAndClearSavedRequest(request);
				//固定的首页面 认证成功后
				WebUtils.redirectToSavedRequest(request, response,"/user/index");
				System.out.println("登录成功...");
				return false;
	}*/
	
	
	//将错误信息返回到页面
	/*protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request,
			ServletResponse response) {
		 response.setCharacterEncoding("UTF-8");
		 HttpServletRequest req=(HttpServletRequest) request;
		 String shiroLoginFailure=(String) req.getAttribute("shiroLoginFailure");
         try {
			PrintWriter out = response.getWriter();
			  String message = e.getClass().getSimpleName();
			  System.out.println("message:"+message);
			  System.out.println("shiroLoginFailure:"+shiroLoginFailure);
			  if ("IncorrectCredentialsException".equals(message)) {
	                out.println("密码错误");
	            } else if ("UnknownAccountException".equals(message)) {
	                out.println("账号不存在");
	            } else if ("LockedAccountException".equals(message)) {
	                out.println("账号被锁定");
	            } else {
	                out.println("未知错误");
	            }
			  	if(shiroLoginFailure!=null&&shiroLoginFailure.equals("verificationCodeError")) {
				  out.println("验证码错误");
			  }
	            out.flush();
	            out.close();
		} catch (IOException e1) {
			e1.printStackTrace();
		}
		return false;
	}
	*/
	
}
